[Dshield] Code Red 1 - Yawn. - Thank You Dshield!

mike harrison meuon at highertech.net
Sun Aug 19 06:53:59 GMT 2001


 First a very short intro: We run a small ISP and colo facility.

 Good news: At approx midnight, exactly 1 Windows NT system at a remote 
 customers location (w/ a 6mbps upstream pipe) started flood pinging
 several IP's from what is apparently a stale Code Red 1 infection. 

 targets: 65.161.40.42  65.161.40.142 202.188.117.222 nexgo.de.eu.dal.net

 The systems owner and network ops staff was assured 
 that this mission critical specialty applications server was
 patched and untouched. The in-house net-ops people were not allowed
 to verify this independantly because it would "void the maintenance
 and licensing agreement". Oh well... the vendor may eventually learn.

 I just wanted to say THANK YOU to Johannes and all the participants
 of Dshield.org, because of all of your shared information, we were able
 to keep this to a single statistical anomoly. For an ISP with a few
 thousand potentially available hosts, this was a pleasant surprise. 
 
     --Mike--    

==================---------------------------------------------------- 
meuon at geeklabs.com        random thoughts + recycled electrons = email






More information about the list mailing list